Primary

Context

GLPI Unauthorized Form Structure Export Vulnerability

Vulnerability

Patched

A vulnerability allowing unauthorized export of form structures has been identified in GLPI versions 11.0.0 through 11.0.6. This issue arises when an authenticated user with forms READ permission can export the structure of forms they are not authorized to access.

Impact

Exploitation of this vulnerability allows for unauthorized access to the structure of restricted forms, which could lead to information disclosure or manipulation of form-related data.

Remediation

Users are advised to upgrade to GLPI version 11.0.7, where this vulnerability has been patched.

Added: May 19, 2026, 12:20 AM

Updated: May 19, 2026, 12:20 AM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

0.6

exploitability

5.2

remediation

7.7

relevance

8.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

0.6

exploitability

5.2

remediation

7.7

relevance

8.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GLPI Unauthorized Form Structure Export Vulnerability

Vulnerability

Impact

Remediation

Affected Products

GLPI

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating